Apple has fixed an actively exploited zero-day vulnerability (CVE-2024-23222) that affects Macs, iPhones, iPads and AppleTVs.
Apple on Monday released security updates for iOS, iPadOS, macOS, tvOS, and Safari web browser to address a zero-day flaw that has come under active exploitation in the wild.
The issue, tracked as CVE-2024-23222, is a type confusion bug in the WebKit browser engine that could be exploited by a threat actor to achieve arbitrary code execution when processing maliciously crafted web content. The tech giant said the problem was fixed with improved checks.
What You Should Do
The updates are available for the following devices and operating systems –
- iOS 17.3 and iPadOS 17.3 – iPhone XS and later, iPad Pro 12.9-inch 2nd generation and later, iPad Pro 10.5-inch, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 6th generation and later, and iPad mini 5th generation and later
- iOS 16.7.5 and iPadOS 16.7.5 – iPhone 8, iPhone 8 Plus, iPhone X, iPad 5th generation, iPad Pro 9.7-inch, and iPad Pro 12.9-inch 1st generation
- macOS Sonoma 14.3 – Macs running macOS Sonoma
- macOS Ventura 13.6.4 – Macs running macOS Ventura
- macOS Monterey 12.7.3 – Macs running macOS Monterey
- tvOS 17.3 – Apple TV HD and Apple TV 4K (all models)
- Safari 17.3 – Macs running macOS Monterey and macOS Ventura
If you use any of these devices, we encourage you to apply updates ASAP. If you have any questions or need assistance, please reach out to a member of the BMT team!